A bad week for Tor

Peter Selmeczy

December 27, 2014

While many people have been enjoying their holidays the Tor network has come under a number of problems. Though it remains active and alive we’d recommend to everyone using the network to monitor the Tor Project website and Twitter Feed in order to make sure you’re aware of any flags and security measures that you might be required to take.

The issues started when last monday (15th Dec) Thomas White’s (@CthulhuSec) went down after suspected raids went down on his servers and thereby compromising the security of his exit nodes. You can read more about this here and we’d also recommend following White as his Twitter is up to date with first hand information and void of any speculations and instead filled with the pure facts.

As many people might be aware both the PSN and Xbox Live went down for the holidays thanks to a DDoS attack from TheLizardSquad . They have since stopped their attacks on these networks thanks to the generosity of the infamous Kim DotCom and his company Mega Privacy. Unfortunately the hackers chose the Tor Network as their next port of call.

Luckily for the Tor network the current status of the hack doesn’t have any serious precautions, a statement from Tor Project stated the following:

This looks like a regular attempt at a Sybil attack: the attackers have signed up many new relays in hopes of becoming a large fraction of the network.

But even though they are running thousands of new relays, their relays currently make up less than 1 per cent of the Tor network by capacity. We are working now to remove these relays from the network before they become a threat, and we don’t expect any anonymity or performance effects based on what we’ve seen so far.

Overall it seems like that par a few precautions and major blacklisting there are no serious issues with the Tor Network. However, if you do use the service we would fully recommend you keep checking back to us as well as the official news feeds mentioned above in order to make sure that the situation hasn’t escalated and your security hasn’t been compromised.